Skip to content
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.

Commit f4f96f7

Browse files
author
avivklas
committedAug 31, 2021
#17 added tests with PSS signOpts
1 parent f1cc86d commit f4f96f7

File tree

1 file changed

+39
-0
lines changed

1 file changed

+39
-0
lines changed
 

‎certstore_test.go

+39
Original file line numberDiff line numberDiff line change
@@ -139,6 +139,19 @@ func TestSignerRSA(t *testing.T) {
139139
}
140140
}
141141

142+
// SHA256WithRSAPSS
143+
sha256Digest = sha256.Sum256([]byte("hello"))
144+
sig, err = signer.Sign(rand.Reader, sha256Digest[:], &rsa.PSSOptions{Hash: crypto.SHA256})
145+
if err == ErrUnsupportedHash {
146+
// Some Windows CSPs may not support this algorithm. Pass...
147+
} else if err != nil {
148+
t.Fatal(err)
149+
} else {
150+
if err = leafRSA.Certificate.CheckSignature(x509.SHA256WithRSAPSS, []byte("hello"), sig); err != nil {
151+
t.Fatal(err)
152+
}
153+
}
154+
142155
// SHA384WithRSA
143156
sha384Digest := sha512.Sum384([]byte("hello"))
144157
sig, err = signer.Sign(rand.Reader, sha384Digest[:], crypto.SHA384)
@@ -152,6 +165,19 @@ func TestSignerRSA(t *testing.T) {
152165
}
153166
}
154167

168+
// SHA384WithRSA
169+
sha384Digest = sha512.Sum384([]byte("hello"))
170+
sig, err = signer.Sign(rand.Reader, sha384Digest[:], &rsa.PSSOptions{Hash: crypto.SHA3_384})
171+
if err == ErrUnsupportedHash {
172+
// Some Windows CSPs may not support this algorithm. Pass...
173+
} else if err != nil {
174+
t.Fatal(err)
175+
} else {
176+
if err = leafRSA.Certificate.CheckSignature(x509.SHA384WithRSAPSS, []byte("hello"), sig); err != nil {
177+
t.Fatal(err)
178+
}
179+
}
180+
155181
// SHA512WithRSA
156182
sha512Digest := sha512.Sum512([]byte("hello"))
157183
sig, err = signer.Sign(rand.Reader, sha512Digest[:], crypto.SHA512)
@@ -165,6 +191,19 @@ func TestSignerRSA(t *testing.T) {
165191
}
166192
}
167193

194+
// SHA512WithRSA
195+
sha512Digest = sha512.Sum512([]byte("hello"))
196+
sig, err = signer.Sign(rand.Reader, sha512Digest[:], &rsa.PSSOptions{Hash: crypto.SHA512})
197+
if err == ErrUnsupportedHash {
198+
// Some Windows CSPs may not support this algorithm. Pass...
199+
} else if err != nil {
200+
t.Fatal(err)
201+
} else {
202+
if err = leafRSA.Certificate.CheckSignature(x509.SHA512WithRSAPSS, []byte("hello"), sig); err != nil {
203+
t.Fatal(err)
204+
}
205+
}
206+
168207
// Bad digest size
169208
_, err = signer.Sign(rand.Reader, sha1Digest[5:], crypto.SHA1)
170209
if err == nil {

0 commit comments

Comments
 (0)
Please sign in to comment.